<?php session_start(); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" 
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title></title>
<link rel="stylesheet" type="text/css" href="../css/admin.css"/>

<script type="text/javascript">    
    function cancel()
    {
        window.location = "../";      
    }
</script>

</head>

<body>
    <div id="login">
        <div id="title">
            <b>ĐĂNG NHẬP VỚI QUYỀN QUẢN TRỊ</b>
        </div>
        
        <div id="form">            
            <table>
                <!--begin form--><form action="" method="POST">
                <tr>
                    <td>Tên đăng nhập: </td>
                    <td><input type="text" name="admin_name" /></td>
                </tr>
                <tr>
                    <td>Mật khẩu:</td>
                    <td><input type="password" name="admin_password" /></td>
                </tr>
                <tr>
                    <td></td>
                    <td>
                        <input type="submit" name="login" value="Đăng nhập" name="ad_login" />
                </form><!--end form-->
                        <input type="button" name="cancel" onclick="cancel()" value="Hủy" />
                    </td>
                </tr>                                 
            </table>            
        </div>    
    </div> <!-- END LOGIN-->

</body>
</html>
<?php
	include_once('../app/connection.php');
	//session_start(); 
    if(isset($_POST['admin_name']) && isset($_POST['admin_password'])) {
		$u = $_POST['admin_name'];
		$p = md5($_POST['admin_password']);
		$str = mysql_query("SELECT * FROM quantrivien WHERE MAQUANTRI='$u' AND PASSWORD='$p'");
		$r = mysql_fetch_row($str);
		if($r != 0)
		{	
            $_SESSION['admin_login'] = 1;
			echo "<meta http-equiv=\"refresh\" content=\"0; URL=index.php\">";
		}
		else
		{
			echo "<script>alert('Tên đăng nhập hoặc mật khẩu không đúng!')</script>";
		}
	}
?>